Saddar Toufik | 12 Feb 20:45 2016
Picon

[help] use of libmodsecurity

Hello,
I installed libmodsecurity,
I woud like use  libmodsecurity c++ interface  
I create simple "hello word" code to test:

#include "modsecurity/modsecurity.h"
#include "modsecurity/transaction.h"
#include "modsecurity/intervention.h"

#include <stdlib.h>

int main()

{

    printf("Hello world!\n");
    return 0;

}

when I compile the code with  gcc main.c -o main.o I have this error:
modsecurity/modsecurity.h:92:38: fatal error: modsecurity/intervention.h: No such file or directory
compilation terminated.

please Help me

------------------------------------------------------------------------------
Site24x7 APM Insight: Get Deep Visibility into Application Performance
APM + Mobile APM + RUM: Monitor 3 App instances at just $35/Month
Monitor end-to-end web transactions and take corrective actions now
Troubleshoot faster and improve end-user experience. Signup Now!
http://pubads.g.doubleclick.net/gampad/clk?id=272487151&iu=/4140
_______________________________________________
mod-security-users mailing list
mod-security-users <at> lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/mod-security-users
Commercial ModSecurity Rules and Support from Trustwave's SpiderLabs:
http://www.modsecurity.org/projects/commercial/rules/
http://www.modsecurity.org/projects/commercial/support/
Chaim Sanders | 12 Feb 16:50 2016

Google Summer of Code ideas.

Good afternoon everyone!
Coming up very quickly we are looking to submit a Google Summer Of Code application for the ModSecurity project. While the team at Trustwave has a number of ideas, we are reaching out to you, the community, to see if there are any exciting projects/additions for the ModSecurity project that you have been dreaming up. Ideally we’d love to focus our attention on the next version of ModSecurity v3.0 (aka libmodsecurity) which we are hard at work on; however, this doesn’t mean that good ideas for the 2.x branch will be overlooked.
We will be accumulating these ideas on our Google Summer of Code Wiki located at: https://github.com/SpiderLabs/ModSecurity/wiki/Ideas-for-Google-Summer-of-Code-2016

We look forward to hearing all your ideas. If you have one (or several) feel free to respond to this thread.



This transmission may contain information that is privileged, confidential, and/or exempt from disclosure under applicable law. If you are not the intended recipient, you are hereby notified that any disclosure, copying, distribution, or use of the information contained herein (including any reliance thereon) is strictly prohibited. If you received this transmission in error, please immediately contact the sender and destroy the material in its entirety, whether in electronic or hard copy format.
------------------------------------------------------------------------------
Site24x7 APM Insight: Get Deep Visibility into Application Performance
APM + Mobile APM + RUM: Monitor 3 App instances at just $35/Month
Monitor end-to-end web transactions and take corrective actions now
Troubleshoot faster and improve end-user experience. Signup Now!
http://pubads.g.doubleclick.net/gampad/clk?id=272487151&iu=/4140
_______________________________________________
mod-security-users mailing list
mod-security-users <at> lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/mod-security-users
Commercial ModSecurity Rules and Support from Trustwave's SpiderLabs:
http://www.modsecurity.org/projects/commercial/rules/
http://www.modsecurity.org/projects/commercial/support/
Diana Nabel | 11 Feb 21:34 2016

No phase 4 with Wordpress multisite

Hello,

I have a Red Hat 6 server with apache 2.2/php 5.3.3/mod_security 2.7.3 installed, and a WordPress multisite installation for content. We put mod_security in order to check the content that's being delivered to the user; if we find a particular string (text), we give a specific error message; if not, the content is delivered normally.

I tried our setup with regular HTML/php pages and it worked as expected: pages that don't have the string go through, and pages that do have the string make the server show an error message. I also tried with a regular WordPress site and it works fine as well.

Now when I try with pages in the WordPress multisite installation, I can see that mod_security is not going through phase 4, and therefore not acting on the content being served to the client. I set mod_security to full debug mode and I can see that for regular pages (i.e. non multisite installation or fixed html/php), mod_security goes through all 4 phases, yet when I try with a link served by the WordPress multisite server, phase 4 never happens and nothing is done for the RESPONSE_BODY.

As far as I can see the problem is only with the WordPress multisite installation. I looked around and I can't find anyone commenting on something like this. As a note, in case the problem was related to some of our own customizations, I tried with a clean installation of WordPress multisite (without any specific modifications) and I see the same (bad) behavior.
Has anyone came across similar issues? Any help would be truly appreciated!!

D.

_______________________________________________________________
Get the Free email that has everyone talking at http://www.mail2world.com
Unlimited Email Storage – POP3 – Calendar – SMS – Translator – Much More!

------------------------------------------------------------------------------
Site24x7 APM Insight: Get Deep Visibility into Application Performance
APM + Mobile APM + RUM: Monitor 3 App instances at just $35/Month
Monitor end-to-end web transactions and take corrective actions now
Troubleshoot faster and improve end-user experience. Signup Now!
http://pubads.g.doubleclick.net/gampad/clk?id=272487151&iu=/4140
_______________________________________________
mod-security-users mailing list
mod-security-users <at> lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/mod-security-users
Commercial ModSecurity Rules and Support from Trustwave's SpiderLabs:
http://www.modsecurity.org/projects/commercial/rules/
http://www.modsecurity.org/projects/commercial/support/
Tim Smith | 11 Feb 17:47 2016
Picon

NGINX unknown directive "SecRuleEngine"

Copied modsecurity.conf-recommended from modsecurity-2.9.1-RC1 to my
nginx conf dir, made zero modifications to that file but am getting
the following error

nginx: [emerg] unknown directive "SecRuleEngine" in
/etc/nginx/conf.d/modsecurity.conf:60

Google yields nothing and my NGINX conf is straightforward :

server {
        listen       80;
        server_name  localhost;

location / {
           ModSecurityEnabled on;
           ModSecurityConfig /etc/nginx/conf.d/modsecurity.conf;
           proxy_pass http://XXXXXXXXXXXX:YYYY;
           proxy_read_timeout 180s;
        }
}

------------------------------------------------------------------------------
Site24x7 APM Insight: Get Deep Visibility into Application Performance
APM + Mobile APM + RUM: Monitor 3 App instances at just $35/Month
Monitor end-to-end web transactions and take corrective actions now
Troubleshoot faster and improve end-user experience. Signup Now!
http://pubads.g.doubleclick.net/gampad/clk?id=272487151&iu=/4140
_______________________________________________
mod-security-users mailing list
mod-security-users <at> lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/mod-security-users
Commercial ModSecurity Rules and Support from Trustwave's SpiderLabs:
http://www.modsecurity.org/projects/commercial/rules/
http://www.modsecurity.org/projects/commercial/support/

Saddar Toufik | 11 Feb 09:58 2016
Picon

[help] use of ModSecurity-Python-Bindings

Hello
I have installed libmodsecurity and ModSecurity-Python-Bindings with sucess
 I have in the path  /usr/lib/python2.7/site-packages/modsecurity/ 
the files:
__init__.py  
__init__.pyc  
modsecurity.py
modsecurity.pyc

but I have this error:

Traceback (most recent call last):
  File "<stdin>", line 1, in <module>
  File "/usr/lib/python2.7/site-packages/modsecurity/modsecurity.py", line 28, in <module>
    _modsecurity = swig_import_helper()
  File "/usr/lib/python2.7/site-packages/modsecurity/modsecurity.py", line 20, in swig_import_helper
    import _modsecurity
ImportError: No module named _modsecurity
thanks
------------------------------------------------------------------------------
Site24x7 APM Insight: Get Deep Visibility into Application Performance
APM + Mobile APM + RUM: Monitor 3 App instances at just $35/Month
Monitor end-to-end web transactions and take corrective actions now
Troubleshoot faster and improve end-user experience. Signup Now!
http://pubads.g.doubleclick.net/gampad/clk?id=272487151&iu=/4140
_______________________________________________
mod-security-users mailing list
mod-security-users <at> lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/mod-security-users
Commercial ModSecurity Rules and Support from Trustwave's SpiderLabs:
http://www.modsecurity.org/projects/commercial/rules/
http://www.modsecurity.org/projects/commercial/support/
Saddar Toufik | 10 Feb 22:26 2016
Picon

[help] use of ModSecurity-Python-Bindings

Hello
I have installed libmodsecurity and ModSecurity-Python-Bindings with sucess
 I have in the path  /usr/lib/python2.7/site-packages/modsecurity/ 
the files:
__init__.py  
__init__.pyc  
modsecurity.py
modsecurity.pyc

but I have this error:

Traceback (most recent call last):
  File "<stdin>", line 1, in <module>
  File "/usr/lib/python2.7/site-packages/modsecurity/modsecurity.py", line 28, in <module>
    _modsecurity = swig_import_helper()
  File "/usr/lib/python2.7/site-packages/modsecurity/modsecurity.py", line 20, in swig_import_helper
    import _modsecurity
ImportError: No module named _modsecurity

thanks
toufik
------------------------------------------------------------------------------
Site24x7 APM Insight: Get Deep Visibility into Application Performance
APM + Mobile APM + RUM: Monitor 3 App instances at just $35/Month
Monitor end-to-end web transactions and take corrective actions now
Troubleshoot faster and improve end-user experience. Signup Now!
http://pubads.g.doubleclick.net/gampad/clk?id=272487151&iu=/4140
_______________________________________________
mod-security-users mailing list
mod-security-users <at> lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/mod-security-users
Commercial ModSecurity Rules and Support from Trustwave's SpiderLabs:
http://www.modsecurity.org/projects/commercial/rules/
http://www.modsecurity.org/projects/commercial/support/
Felipe Costa | 10 Feb 14:02 2016

Second community meeting - minutes

Hi,

Thank you all that participated in our second community meeting.

The meeting minutes is available here:
https://www.modsecurity.org/developers/meetings/modsecurity.2016-01-27-15.08.html



Please let me know if something is missing.


Br.,
Felipe “Zimmerle” Costa
Security Researcher, Lead Developer ModSecurity.
Trustwave | SMART SECURITY ON DEMAND
www.trustwave.com <http://www.trustwave.com/>


________________________________

This transmission may contain information that is privileged, confidential, and/or exempt from
disclosure under applicable law. If you are not the intended recipient, you are hereby notified that any
disclosure, copying, distribution, or use of the information contained herein (including any reliance
thereon) is strictly prohibited. If you received this transmission in error, please immediately
contact the sender and destroy the material in its entirety, whether in electronic or hard copy format.
------------------------------------------------------------------------------
Site24x7 APM Insight: Get Deep Visibility into Application Performance
APM + Mobile APM + RUM: Monitor 3 App instances at just $35/Month
Monitor end-to-end web transactions and take corrective actions now
Troubleshoot faster and improve end-user experience. Signup Now!
http://pubads.g.doubleclick.net/gampad/clk?id=272487151&iu=/4140
_______________________________________________
mod-security-users mailing list
mod-security-users <at> lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/mod-security-users
Commercial ModSecurity Rules and Support from Trustwave's SpiderLabs:
http://www.modsecurity.org/projects/commercial/rules/
http://www.modsecurity.org/projects/commercial/support/
Saddar Toufik | 10 Feb 13:30 2016
Picon

[help] use of use of ModSecurity-Python-Bindings

Hello
I have installed libmodsecurity and ModSecurity-Python-Bindings with sucess
 I have in the path  /usr/lib/python2.7/site-packages/modsecurity/ 
modsecurity.py

Traceback (most recent call last):
  File "<stdin>", line 1, in <module>
  File "/usr/lib/python2.7/site-packages/modsecurity/modsecurity.py", line 28, in <module>
    _modsecurity = swig_import_helper()
  File "/usr/lib/python2.7/site-packages/modsecurity/modsecurity.py", line 20, in swig_import_helper
    import _modsecurity
ImportError: No module named _modsecurity
------------------------------------------------------------------------------
Site24x7 APM Insight: Get Deep Visibility into Application Performance
APM + Mobile APM + RUM: Monitor 3 App instances at just $35/Month
Monitor end-to-end web transactions and take corrective actions now
Troubleshoot faster and improve end-user experience. Signup Now!
http://pubads.g.doubleclick.net/gampad/clk?id=272487151&iu=/4140
_______________________________________________
mod-security-users mailing list
mod-security-users <at> lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/mod-security-users
Commercial ModSecurity Rules and Support from Trustwave's SpiderLabs:
http://www.modsecurity.org/projects/commercial/rules/
http://www.modsecurity.org/projects/commercial/support/
Saddar Toufik | 7 Feb 13:19 2016
Picon

[Help] use of ModSecurity-Python-Bindings

Hello
I have installed libmodsecurity and ModSecurity-Python-Bindings with sucess 
but I have error when I create simple script error 

ImportError: No module named modsecurity
are they some configuration before use of ModSecurity-Python-Bindings ?
can I use any path of my scripte ?

Thanks
Toufik



------------------------------------------------------------------------------
Site24x7 APM Insight: Get Deep Visibility into Application Performance
APM + Mobile APM + RUM: Monitor 3 App instances at just $35/Month
Monitor end-to-end web transactions and take corrective actions now
Troubleshoot faster and improve end-user experience. Signup Now!
http://pubads.g.doubleclick.net/gampad/clk?id=272487151&iu=/4140
_______________________________________________
mod-security-users mailing list
mod-security-users <at> lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/mod-security-users
Commercial ModSecurity Rules and Support from Trustwave's SpiderLabs:
http://www.modsecurity.org/projects/commercial/rules/
http://www.modsecurity.org/projects/commercial/support/
Gary Hull | 6 Feb 02:46 2016
Picon

unsubscribe me please


------------------------------------------------------------------------------
Site24x7 APM Insight: Get Deep Visibility into Application Performance
APM + Mobile APM + RUM: Monitor 3 App instances at just $35/Month
Monitor end-to-end web transactions and take corrective actions now
Troubleshoot faster and improve end-user experience. Signup Now!
http://pubads.g.doubleclick.net/gampad/clk?id=272487151&iu=/4140
_______________________________________________
mod-security-users mailing list
mod-security-users <at> lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/mod-security-users
Commercial ModSecurity Rules and Support from Trustwave's SpiderLabs:
http://www.modsecurity.org/projects/commercial/rules/
http://www.modsecurity.org/projects/commercial/support/

Felipe Costa | 3 Feb 18:17 2016

ModSecurity version 2.9.1-rc1 announcement


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Hi,

It is a pleasure to announce the first release candidate for ModSecurity
version 2.9.1. The version 2.9.1-RC1 contains fixes and new features.
The new features list includes audit logs in JSON format.

I would like to thank you all, that participate in the construction of
this release. A special thanks to the ones who sent patches and the ones
who participated on the community meetings, which helped to increase the
quality of our releases. Thank you.

The documentation of the new features is already available on our wiki
page: https://github.com/SpiderLabs/ModSecurity/wiki/Reference-Manual

The source and binaries (and the respective hashes) are available at:
https://github.com/SpiderLabs/ModSecurity/releases/tag/v2.9.1-RC1

The most important changes are listed bellow:

* New features

 - Added support to generate audit logs in JSON format.
   [Issue #914, #897, #656 - Robert Paprocki]
 - Extended Lua support to include version 5.3
   [Issue #837, #762, #814 - Athmane Madjoudj and ModSecurity team]
 - mlogc: Allows user to choose between TLS versions (TLSProtocol option
   introduced).
   [Issue #881 - Ishwor Gurung]
 - Allows mod_proxy's "nocanon" behavior to be specified in proxy actions.
   [Issue #1031, #961, #763 - Mario D. Santana and ModSecurity team]

* Bug fixes

 - Creating AuditLog serial file (or parallel index) respecting the
   permission configured with SecAuditLogFileMode. Previously, it was
   used only to save the transactions while in parallel mode.
   [Issue #852 -  <at> littlecho and ModSecurity team]
 - Checking for hashing injection response, to report in case of failure.
   [Issue #1041 - ModSecurity team]
 - Stop buffering when the request is larger than SecRequestBodyLimit
   in ProcessPartial mode
   [Issue #709, #705, #728 - Justin Gerace and ModSecurity team]
 - Refactoring conditional #if/#defs directives.
   [Issue #996 - Wesley M and ModSecurity team]
 - mlogc-batch-load.pl.in: fix searching SecAuditLogStorageDir
   files with Apache 2.4
   [Issue #775 - Elia Pinto]
 - Understands IIS 10 as compatible on Windows installer.
   [Issue #931 - Anton Serbulov, Pavel Vasilevich and ModSecurity team]
 - Fix apache logging limitation by using correct Apache call.
   [Issue #840 - Christian Folini]
 - Fix apr_crypto.h check on 32-bit Linux platform
   [Issue #882, #883 - Kurt Newman]
 - Fix variable resolution duration (Content of the DURATION variable).
   [Issue #662 - Andrew Elble]
 - Fix crash while adding empty keys to persistent collections.
   [Issue #927 - Eugene Alekseev, Marc Stern and ModSecurity team]
 - Remove misguided call to srand()
   [Issues #778, #781 and #836 - Michael Bunk,  <at> gilperon]
 - Fix compilation problem while ssdeep is installed in non-standard
   location.
   [Issue #872 - Kurt Newman]
 - Fix invalid storage reference by apr_psprintf at msc_crypt.c
   [Issue #609 - Jeff Trawick]

* Known issues

 - Instabilities of nginx add-on are still expected. Please use the "nginx
   refactoring" branch and stay tuned for the ModSecurity version 3.

Br.,
Felipe "Zimmerle" Costa
Lead Developer for ModSecurity
Security Researcher, SpiderLabs

Trustwave | SMART SECURITY ON DEMAND
www.trustwave.com <http://www.trustwave.com/>

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
Comment: GPGTools - https://gpgtools.org

iEYEARECAAYFAlayNO4ACgkQ5t+wjOixEneGyQCeJtAPhLk9EXRg7/GviovZQ2i5
bwMAn3SSrlzFC+g3zdlOU4Yug3kiRpAp
=Prxb
-----END PGP SIGNATURE-----

________________________________

This transmission may contain information that is privileged, confidential, and/or exempt from
disclosure under applicable law. If you are not the intended recipient, you are hereby notified that any
disclosure, copying, distribution, or use of the information contained herein (including any reliance
thereon) is strictly prohibited. If you received this transmission in error, please immediately
contact the sender and destroy the material in its entirety, whether in electronic or hard copy format.

------------------------------------------------------------------------------
Site24x7 APM Insight: Get Deep Visibility into Application Performance
APM + Mobile APM + RUM: Monitor 3 App instances at just $35/Month
Monitor end-to-end web transactions and take corrective actions now
Troubleshoot faster and improve end-user experience. Signup Now!
http://pubads.g.doubleclick.net/gampad/clk?id=267308311&iu=/4140
_______________________________________________
mod-security-users mailing list
mod-security-users <at> lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/mod-security-users
Commercial ModSecurity Rules and Support from Trustwave's SpiderLabs:
http://www.modsecurity.org/projects/commercial/rules/
http://www.modsecurity.org/projects/commercial/support/


Gmane